Information Security Officer

Location: Falls Church, VA

Salary: $70,000 - $85,000

Posted: April 06, 2020

Resume:

RYAN DAVIES

adcoce@r.postjobfree.com Cell: 571-***-****

ACCOUNT MANAGEMENT | SECURITY MANAGEMENT | INFORMATION SECURITY | SPLUNK

Global security management leader with extensive experience in Security, Cybersecurity, Sales, Account Management, and global business leadership. Executes decision-making authorities and establishes vision to understand technology, management, and leadership issues related to organizational processes and problem-solving. Experience includes providing technical evaluations of customer systems and assisting with making security improvements. Skilled in staff supervision, including assigning work and providing training and discipline. Expert Splunk user, certified Core Power User and Core User. Held a TS-SCI clearance; strong ability to handle confidential and sensitive matters. Selected to a pilot program with the FBI at 16 and received numerous awards.

•Outstanding oral and written communication skills and interpersonal skills.

•Strong analytical skills, including the ability to collect, extract, synthesize, and summarize applicable data, perform root cause analysis, and implement recommended scalable solutions.

•Proven ability to quickly assess issues and challenges, utilize applicable data and innovative methodologies, and develop solutions in the best interest of long-term gain for the client/customer.

•Extensive experience in developing and nurturing relationships through collaborative engagements with executive leadership, operations management, peers, and clients.

TECHNICAL SKILLS

Splunk Certified Core Power User and Splunk Certified Core User, CompTIA Security+, CompTIA Server+, CompTIA A+, CompTIA Network+ 11, MCP: Windows 10, MTA: Security, Server Administration, Mobility & Devices, and Network Fundamentals, CompTIA IT Operations Specialist, CompTIA Network Infrastructure Professional, Pathways Professional Development Certificate, PEC Safeland Certification, Symantec Endpoint Protection, VirusTotal, SolarWinds, Zscaler, Resilient, ServiceNow, and Splunk. SQL, Python, TCP/IP Services, VoIP and Unified Communications, Microsoft Azure, CompTIA, Splunk, Jira

AREAS OF EXPERTISE

Information Security, Information Assurance, Staff Development & Management, Service Desk Optimization, Asset Management, Project Management & Execution, Disaster Recovery and Continuity Plan Management, Requirements Analysis & Management, Quality Assurance, Change Management, Service Accountability, RFP Preparation/Contract Negotiations, Reporting, Presentation, Customer Relations, Data Mining, Data Science, Data Visualization, Ethical Hacking, Cloud Computing, Network Security, Data Governance, Cloud Architecture, Access Management, Cybersecurity, Proposal Management, Human Resources, Recruiting

PROFESSIONAL EXPERIENCE

VSOC Global Account Manager

Securitas Security Services (Contract Assignment), Herndon, VA 03/2005-Present

Serves as a critical point of client contact to ensure the delivery of high-quality customer service for assigned accounts; evaluates service quality and initiates any necessary corrective action promptly. Directs and manages the security services and related operations provided to an assigned account, including client service and problem resolution, service enhancement and expansion, new business development, operational effectiveness, preparation of post orders, staffing, scheduling, supervision, and training. Provides input to company initiatives; promptly assists in the resolution of legal, financial, human resources, and administrative issues.

Leadership & Management

•Maintains a positive, professional environment in full compliance with applicable laws, regulations, policies, and procedures; acts to ensure that staff members understand and comply with applicable laws, regulations, policies, and procedures.

•Authorizes appropriate expenditures including equipment, supplies, and vehicles; acts to ensure that vehicles are properly maintained and administers driver training; acts to ensure that there is an adequate inventory of uniforms, radios, and other supplies and equipment; maintains and submits payroll records and other associate and business information.

•Instrumental in setting up new Securitas contract, repeatedly praised for work exceeding client expectations from Office of Corporate Security Management Team.

Cyber Security & Information Security Operations

•Created 15 Splunk Dashboards for visualization and situational awareness for Cyber Incident Response Team, Monthly Business Review, SecOps Leads Group, Global Physical Security Team, Security Infrastructure Group, and Threat Vulnerability Management.

•Created 350+ custom alerts in Splunk SIEM to assist Cyber Incident Response Team, Global Physical Security Team, and other teams including Multiple APT / Zero-Day / Aggressive Reconnaissance, Multiple Anomaly detection, Multiple Port/Host definition, Multiple DLP, Multiple Windows Events, Multiple Vulnerability Remediation, Multiple Firewall, Multiple Torrenting, Malware / Malware not Cleaned, Multiple Insider Threat, O365 Persistent Login / O365 numerous failed logins followed by successful login, Blacklisted Application Detection, Teams/OneDrive/SharePoint Anonymous User detection, Modified CMDB (Host detection) – correlated with Antivirus / Active Directory data, Space Planning, Physical Security User Behavior, CnC Beaconing, Corporate Travel, Proxy, Multiple Phishing Campaign / Spoofed, Domain Generation Algorithm Detection, Physical Security Officer Patrol, Multiple Natural Disaster, Multiple Physical Security World Critical Events, Multiple Botnet, Multiple PowerShell / Obfuscated PowerShell Activity, and High-Value Asset Identification.

•800+ knowledge objects including Multiple Environment Identification (Lab/Wifi/Workstations/Servers), Multiple Physical Security Reader Identification (Emergency Response and User Behavior Use Cases), Multiple Port / Host Identification (Building Blocks for Correlated Rules / Enriched Data Searches / Anomaly Detection), Multiple Whitelist (DLP / Authorized Activity / Blacklisted Application), Multiple Event Types / Lookups / Tags / Field Aliasing / Field Extractions.

•Directly responsible for supervising a 24/7 cybersecurity intake and monitoring operations for a global software engineering firm.

•Conducts 24/7 monitoring for a hyper-converged network (physical, virtual, cloud-based) with 10,000 endpoints, 8,500 customers, and over 2,500 network devices spanning 250 geographic areas including primary and alternate disaster recovery data centers. Conducts intake and monitoring response for over 5,000 security incidents, including over 1,000 high-severity security incidents including source code violations, PII breach/loss, denial of service events, copyright infringement, and network worms.

•Supports the cyber incident response team in an analysis of over 1,000 suspected phishing emails, including global phishing expeditions against 10,000+ users in all major countries globally.

•Supports the consolidation of managed security service providers and geographic reorganization of cybersecurity operations overseas, resulting in financial savings of over $1.5 million annually.

Account Management

•Works closely with corporate security management to ensure all contractual agreements are honored according to contract. Responsibilities include informal training of other officers, training reporting, and record keeping. Investigates and edits incident reports for accuracy and continuity.

•Supervises a staff of more than 30 security officers, prepared overall security plans, and managed security operations of the organization, including assignments and staffing. Conducts investigations of property loss, thefts, and criminal activities and provided reports to client and Securitas management.

•Conceptualizes and implements high-caliber officer incentive, retention, and recognition program and provided reports to Securitas Branch Management. Conducts on-site training for new security officers or assigns a senior officer in my absence.

•Serves as the primary person in charge of controlling access to the site through the admittance process; screened visitors and employees to establish authorized access.

•Maintains safety and security for a premier, national client, their visitors, and all property. Primary security point of contact for After-Hours Network Vulnerability Intrusion Attempts.

•Utilizes CCURE 800/8000, an elaborate CCTV / Pelco system, and multiple internal/external communications mechanisms while investigating various types of incidents, including vehicle accidents, medical emergencies, fire and facility alarms, thefts, and breach points.

•Researches security activities, incident reports, fire alarms, panic alarms, parking availability, and access system requests for over 15 sites in 6 states and the District of Columbia and generates reports for the client. Compiles pertinent information for daily supervisor report and pass down.

Additional Key Highlights

•Sent by a client overseas for three weeks (April 2018) to bring online a new Global Fusion Center in Pune, India, and trained 11 staff members stationed there. The only officer to win the Supervisor / Command Operator award three times.

•Identified by the client as having superior computer expertise and was sent to Mountain View California for Engineering Level training conducted by Quantum Secure – the creators of SAFE (VPass).

•Created Veritas Site List and Veritas Interactive Site Map from scratch, which is now used by the Office of Corporate Security, Information Security, CIO Security Team, and Human Resources.

•Created Primary / Secondary / Tertiary Point of Contact Matrix for Emergency Response and notification – a system that has been utilized in critical events such as the Munich Active Shooter, Miami Children’s Hospital Active Shooter, and Turkey Coup.

•Created more than ten Traveler Trifold briefings on behalf of Veritas Global Protective Service to conduct briefings to international travelers. Created Veritas Leadership Team Tracking Matrix to ensure high visibility of key personnel.

•Created over 40 training videos to ensure that all VSOC staff are fully trained.

•Created Veritas Personnel Location Matrix (8,561 employees). Created Post Orders and Standard Operating Procedures for Security Fusion Center. Was the “go-to” source for countless Veritas employees when there was a project that they needed to have completed immediately.

INTELLIGENCE ANALYST/INFORMATION SYSTEMS SECURITY OFFICER

United States Army 01/2000-06/2004

Supervised between 11 and 20 Soldiers in Intelligence Field and oversaw actionable, timely intelligence to commanders in direct support of the operational mission. Served as a lead Intelligence Analyst/ISSO in Darmstadt, Germany, and led the planning of deployments for procurement of materials to support deployment and implementation of an aforementioned plan for Deployable Intelligence Support Element (DISE) to conduct intelligence gathering operations to support higher headquarters commanders and units. Served as ISO (Information Security Officer) (person in charge of a computer network) while on one deployment.

•Deployed to Kosovo and was solely responsible for multi-million dollar Trojan Spirit II / JWICS system (Joint Worldwide Intelligence Communications System) (Satellite system that transmits and receives information classified at a level higher than Top Secret); served as S2 (Intelligence Position) for United States National Intelligence Cell and conducted daily briefings for highest-ranking NATO officers stationed in the country.

•Conducted more than 30 network vulnerability/cybersecurity operations briefings and classes for military personnel, which led to being awarded numerous coins (Army informal award).

•Assisted with Single Scope Background Investigations and Full Scope Background Investigations, including polygraph examinations.
